The only reason it existed was because there were still a lot of shops that had internal requirements to order computer hardware and software only from IBM, and this allowed them to have NetWare.
Oracle Linux would let you order the entire software side of the stack, top to bottom, from Oracle ... but if you're going to do that, why not just buy a Sun machine and have the whole thing from one vendor?
Sorry, but I am very much old-school on this issue.
The boxen do periodic backups to a local storage system.
And the storage system sits behind a firewall that prevents it from being reached in any way other than by being right there "inside the room" (on the office LAN).
I just do not have confidence in *any* level of "perceived" security in the "cloud." What's on the net can be hacked - period.
It isn't necessarily all about security, in terms of being hacked. It's also security in recovering from failures.
Or, ideally, never noticing the failures in the first place, because everything is abstracted into oblivion, and the people who maintain a cloudly infrastracture ensure that hardware failures are addressed, while the software blissfully notices that something has failed and shifts to some other available hardware that isn't failing (without anyone having to notice or be concerned about it other than the cloudly maintainers).
This said, such environments are not as useful in, say, a broadcast facility with specialized hardware for distributing a/v stuff. Although it could be, if the broadcasting industry could ever get their head out of their collective ass.
The cloud services that I'm involved in maintaining are nothing like that.
We run on high end hardware, are subject to massive security audits, and because of those audits we can handle PCI, HIPAA, Sarbanes-Oxley, all sorts of strict compliance.
Is the firewall in your house being monitored by an IDS with a NOC standing by 24/7/365 to handle any alerts that come up? Mine is. Does the server in your house have a pile of hot spare disks and a staff of engineers ready to handle replacements any time of the day? Mine does. Do you have thousands of gallons of fuel to keep your server powered up for days in the event of a power outage? I do.
The point is: the kind of enterprise customer who would want to run a big Oracle server, isn't going to just spin up a server at Amazon or Rackspice, and they'd be foolish to try to run it in-house unless they are already operating a carrier class data center of their own. If they want to outsource it to a cloud, they're going to send it to a real enterprise-grade cloud run by a provider who's giving them a strict SLA (Service Level Agreement).
There are big financial penalties to pay for downtime, and huge penalties to pay for lost data.
So yes, if you're a consumer, your data is probably better guarded by you than by some crappy consumer grade cloud. But for the kind of customers for whom data processing is critical to their business ... a managed hosting provider can often do it not only cheaper but also *better* than self-hosting.
The point is: the kind of enterprise customer who would want to run a
big Oracle server, isn't going to just spin up a server at Amazon or
flack jacket time.
Amazon RDS/Mysql is probably the most popular, but Amazon RDS/Oracle exists. On-demand instance pricing starts at $0.04 per instance-hour, which includes the Oracle license, or less for a BYO-License.
Not paying $1Million for Oracle? That, good sir is revolutionary.
There are certain advantages. Starting at $0.08/hour (for the t1.micro instance class, yes) you get a multi-availability-zone deployment with a failover node always on standby. Management (including disaster recovery) is highly automated via Amazon's control plane. DBMS software upgrade? Click a button, don't think about it, endure a very brief downtime window for failover. Capacity upgrade? Ditto.
And you don't have to pay a DBA in a clown-suit to manage backups, or manage the replication process, or manage any of the hardware - and you can *switch to bigger hardware* at any time with a handful of mouse clicks.
The monthly SLA is 99.95% which is hardly a bad deal. I know of few shops that can add another 9, relying on their own expertise, without tremendous expense.
Shit, you'd think I was an EC2 salesman, but that's far from the truth...
Fri Aug 22 2014 07:55:13 AM EDT from IGnatius T Foobar @ UncensoredDoes anyone actually use Oracle Linux? "It's built from the same sources as Red Hat, just like CentOS, except you get to pay us for it!"
Sure, that will work great.
I've got one machine running it here at my company...we have an older STK tape library which manages the robot using ACSLS. Sun/Oracle won't support ACSLS under Red Hat/CentOS...only Oracle Linux, so we kinda had to.
The good thing is that, unlike Red Hat, they do offer full access to download updates and patches.
It feels weird, to me, to make research recommendations to my Linux co-worker (the one hired to work on Linux issues). And yet, I find myself doing this more than I would expect, despite being a primarily Windows-oriented developer.
I dunno... maybe I know more about Linux than I thought.
Thu Sep 18 2014 06:48:48 EDT from fleeb @ Uncensored
It feels weird, to me, to make research recommendations to my Linux co-worker (the one hired to work on Linux issues). And yet, I find myself doing this more than I would expect, despite being a primarily Windows-oriented developer.
I dunno... maybe I know more about Linux than I thought.
I tend to be the one to tell the windows guys what to do in the end... so I guess its vice versa here ;-)
Thu Sep 18 2014 16:35:46 EDT from dothebart @ UncensoredI tend to be the one to tell the windows guys what to do in the end... so I guess its vice versa here ;-)
We should trade. Either I work for your company, or you work for our company, and swap out our respective other. One company or the other will lose out, but the winning company would have some fine work accomplished rather quickly.
Thu Sep 18 2014 21:56:13 EDT from fleeb @ Uncensored
Thu Sep 18 2014 16:35:46 EDT from dothebart @ UncensoredI tend to be the one to tell the windows guys what to do in the end... so I guess its vice versa here ;-)
We should trade. Either I work for your company, or you work for our company, and swap out our respective other. One company or the other will lose out, but the winning company would have some fine work accomplished rather quickly.
well, remember? I quit that company ;-) or rather, it quit me.
hm, yet another linux distribution?
http://nixos.org/nixos/about.html
otoh, it claims that its sort of pupet/ansible/... as core os feature and the whole os structured around it
I dunno... maybe I know more about Linux than I thought.
Smart people tend to be Linux people, so it's inevitable.
Hrm.
I made a very small contribution to Citadel a long time ago, but I might have a contribution to GDK+ that should frighten people because of the security implications, if they accept it at all.
As such, a small request for comments is in order, and before I approach the Gnome folks, I thought I'd ask you guys about it.
I want to provide a library that, when GDK+ sees that it exists, adds it to their loaded libraries, and uses it to forward all events processed by gdk_event_get(). That is, if I understand GDK+ correctly, I want to see every event every application built with GDK+ on a given system emits.
I'm sure you can appreciate the security implications of such a beast.
And naturally, that's a concern.
To help deal with part of the security concern (the only part that the Gnome people should share), I suspect when I make this alteration available to the Gnome folks, I should do the following:
1. Ensure that all such altered code gets the #ifdef guards set up in a way where, by default, you do *not* compile this feature into the toolkit.
2. When compiled into the toolkit, you have to specify an absolute path to the library you want to load. If it can't find the library, it won't load it. It won't search for the library in a path, and the path is compiled into GDK+, hard-coded.
Do you think that would provide enough security?
(And, yeah, I need to do this. I do not have an option to avoid doing this, as we can't really accomplish our goals without something this invasive... but it isn't like we want to spread this around or anything).